byrona have you tried, ^\S\S\S\S\S\S\S\S\S\S\S\S\S\S\S\S\S\S\S\S\S\S\S\S\S etc, for 64 and 56 occurrences? It may work as nothing else is changing, you will also need the Dek-info:.* as well.
Keep in mind when you do this stuff in production, you will impact real time change detection.
I am confused how any of the above are working without breaking real time detection. The Diff util uses BRE only and it's line by line, there's no multiline matching ever.
Have you guys actually validated you didn't break real time change detection entirely? I just want to ensure people don't see this thread and break stuff in their production environment considering this a closed answer.
Also, you would *most* likely need to use "\S" 64 times in a row since it's BRE and there are 64 non-white space characters per line, if there's no leading space ^\S first then 63 \S
I can't personally say that it's working. My network team said that is what they used and that it's working as expected. I will ask them to do a double check on it today and will let you know if they indicate that they have found any problems.
byrona No problem, see my edited comments. Honestly, I wouldn't want to try to account for this and I did give my best answer above to the problem. Lastly, the last line is 56 characters, you would need to check multiple keys and ensure it's 64 and 56 only.
Of final note, *IF* you happen to have a 56 or 64 non white space character line outside of this key, it will give a false match and ignore it.
Thank-you for the reply, but unfortunately these are still getting thru.
Would you be able to post your fortinet device template ?...and method of communication (SSH/SSH/TFTP).
Also what version of NCM are you currently running ?
Could the blank line be causing my issues ? (blank line is located just below the dek-info line)
Thanks in advance.
Were you ever able to figure out a RegEx Key pattern to use to ignore the -----END RSA PRIVATE KEY----- issue you were having. I have the same issue and the patter mentioned above doesn't work me as well.
'Shot of mine' changes all the time so I keep getting a "change" notification and new backup file. Any help would be appreciated. 🙂
-----END RSA PRIVATE KEY-----"
Uggg! Well thank you for your response. I'm going to continue poking around with things for a bit. If I do happen to come up with something I'll be sure to let you know.
This is old post but I am running into same issue with the DEK-info section of the fortinet and can't figure out the regex to make the multiple line match work. The provided "correct answer" doesn't work and it is causing this backup to flag as changed every time I perform my scheduled backup job.
Any help would be great.
Could you show us on a screenshot how that section looks for you?
E.g. there might be whitespace on the line before "Dek-info". In that case, you should use
[\t\r\n\v\f]*Dek-info: .*[\t\r\n\v\f]*-----END RSA PRIVATE KEY-----.*
Just an idea...
This is what the sections look like:
-----END RSA PRIVATE KEY-----"
From what I see each line is viewed as a separately changed line in NCM. Meaning its not viewing this entire section as one line.
So I wrote the following Comparison Criteria exclusions:
This should have excluded any lines that start with DEK as well as any line in configurations that start with 40 or more non-whitespace characters. However every time I back up the device it reports all the sections that start with DEK-Info line have changed.
SolarWinds solutions are rooted in our deep connection to our user base in the THWACK® online community. More than 150,000 members are here to solve problems, share technology and best practices, and directly contribute to our product development process. Learn more today by joining now.